Control: tag 1028961 pending
Hi!
Bug #1028961 in package dpkg reported by you has been fixed in
the dpkg/dpkg.git Git repository. You can see the changelog below, and
you can check the diff of the fix at:
https://git.dpkg.org/cgit/dpkg/dpkg.git/diff/?id=3c42b0ed7
---
Dpkg::OpenPGP::Backend::GnuPG: Set secure signing preferred algorithms
The current GnuPG defaults with --openpgp cater for heavy backwards
compatibility at the cost of being insecure but potentially being
compatible with very old programs.
We care more about secure defaults than backwards compatibility with
ancient programs, so we pass our preferences to gpg when signing. This
should also cover the case for users that have created old keys with
insecure key preferences which might end up producing insecure
signatures.
Fixes: commit b83114daa69c50d368199d00fbb67e190068b273
Closes: #1028961
